On Advent Sunday, the infamous hacker who goes by the name of KingCope appears to have had a stock clearance and released a whole range of exploits, some of which date back to 2011. The exploits released on 2 December mostly target the now-Oracle-owned MySQL open source database, but the SSH servers by SSH Communications Security and FreeSSHd/FreeFTPd are also at acute risk.

The published holes in FreeSSHd's and the SSH protocol developers' SSH servers are nothing short of embarrassing. Apparently, both holes can be exploited to bypass the password check and log in with an arbitrary password. With SSH's Tectia server, the exploit description says that attackers can modify a legitimate user's password by calling input_userauth_passwd_changereq() before logging in. In the case of the FreeSSHd/FreeFTPd server, all that appears to be required is to ignore a refusal message by the server and declare the session to be open at the right time. All the exploit has to do is add an extra call to the existing ssh_session2() function of the regular OpenSSH client.
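Both holes come down to a server letting the client decide which protocol phase it is in. The following is an added sketch of the server-side rule that prevents this; it is not code from the article, from OpenSSH or from either vendor. `struct conn`, `struct auth_req`, `dispatch()` and the plaintext stored password are hypothetical simplifications.

```c
#include <stdbool.h>
#include <string.h>

/* SSH message numbers (RFC 4250); 80 and above belong to the connection protocol. */
enum { SSH_MSG_USERAUTH_REQUEST = 50, SSH_MSG_GLOBAL_REQUEST = 80, SSH_MSG_CHANNEL_OPEN = 90 };
enum verdict { HANDLED, AUTH_FAILED, PROTOCOL_VIOLATION };

/* Hypothetical per-connection state holding one constructed account. */
struct conn {
    bool authenticated;   /* set only by the server's own check below */
    char stored_pw[32];   /* constructed; a real server keeps a salted hash */
};

/* Simplified password request; new_pw != NULL asks for a password change. */
struct auth_req { const char *old_pw; const char *new_pw; };

struct conn new_conn(const char *pw) {
    struct conn c = { false, "" };
    strncpy(c.stored_pw, pw, sizeof c.stored_pw - 1);
    return c;
}

static bool pw_ok(const struct conn *c, const char *pw) {
    return pw && strcmp(c->stored_pw, pw) == 0; /* real code: constant-time hash compare */
}

/* Handle one client message. The server's recorded state decides what is
 * allowed, never the phase the client behaves as if it were in. */
enum verdict dispatch(struct conn *c, int msg, const struct auth_req *req) {
    if (msg >= SSH_MSG_GLOBAL_REQUEST)       /* session and channel traffic */
        return c->authenticated ? HANDLED : PROTOCOL_VIOLATION;
    if (msg != SSH_MSG_USERAUTH_REQUEST || !req)
        return PROTOCOL_VIOLATION;
    if (!pw_ok(c, req->old_pw))
        return AUTH_FAILED;                  /* a refusal changes no state */
    if (req->new_pw) {                       /* change only after the old password verified */
        strncpy(c->stored_pw, req->new_pw, sizeof c->stored_pw - 1);
        c->stored_pw[sizeof c->stored_pw - 1] = '\0';
    }
    c->authenticated = true;
    return HANDLED;
}

int main(void) {
    struct conn c = new_conn("constructed-pw");
    /* A channel open before authentication must be refused: exit 0 if it is. */
    return dispatch(&c, SSH_MSG_CHANNEL_OPEN, NULL) == PROTOCOL_VIOLATION ? 0 : 1;
}
```

A server built this way should also drop the connection on `PROTOCOL_VIOLATION` and log it, since a legitimate client never sends connection-protocol messages before authentication succeeds.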